Lot of virus from deliveryexpr.com |
Post Reply ![]() |
Author | |
Shade ![]() Groupie ![]() ![]() Joined: 20 April 2006 Location: France Status: Offline Points: 45 |
![]() ![]() ![]() ![]() ![]() Posted: 14 April 2011 at 2:19am |
Thank you Roberto, that's exactly what I needed !
Best regards. |
|
![]() |
|
LogSat ![]() Admin Group ![]() ![]() Joined: 25 January 2005 Location: United States Status: Offline Points: 4104 |
![]() ![]() ![]() ![]() ![]() |
Shade,
We already replied via email, but for "Google", here's the same reply again :) ============================== Slight correction on your syntax - you should use a :NULL suffix (with only one colon, not two), not two in that domain blacklist to obtain the effect you're looking for. I hope this helps! |
|
![]() |
|
Shade ![]() Groupie ![]() ![]() Joined: 20 April 2006 Location: France Status: Offline Points: 45 |
![]() ![]() ![]() ![]() ![]() |
Dear Roberto,
At this time, we received lot of virus emails (W32/Malware), stopped by Norman, from same 5 or 6 domains, like, for example, deliveryexpr.com, etc. I have add this domain to blacklistfrom domain, with rule ::NULL, but Norman's antivirus still analyse emails with ::NULL rule, even if in our log, SF detect this as spam with message "emailfrom is in local blacklist" ... and ... "will be rejected" Is there a way to directly drop emails from, for example, *@deliveryexpr.com without norman's analyse (because of ::NULL rule) ? It will be very good thing to decrease server load due to Norman's av activity... Thank toy for reply, Raphael. |
|
![]() |
Post Reply ![]() |
|
Tweet
|
Forum Jump | Forum Permissions ![]() You cannot post new topics in this forum You cannot reply to topics in this forum You cannot delete your posts in this forum You cannot edit your posts in this forum You cannot create polls in this forum You cannot vote in polls in this forum |
This page was generated in 0.172 seconds.